Ian Grigg wrote:
The point in auditing the CAs is that it's better than not auditing the CAs at all.
It's not an absolute. There is no point in auditing
the CAs if it achieves little or nothing, in terms of
security, and costs money.
True, but I lost you after the if. I think the current audits are a useful attempt at establishing identity of peer certs, if not a guarantee. They may cost, but I consider them to be a very good value for money, vs not auditing and simply trusting any random cert without verification which in consumer environment would basically make SSL worthless.
The reason that Frank wrote his policy on these points, presumably, is that it's not clear that audits of CAs deliver value for money.
I did not see him write that. I think he was happy to accept audited CAs, meaning that he did attribute some value in the audit; but that these audits were not all things to all people. Ie: for people who have no money, they get no value from no audit ...
It's one of my points!
Another of my points is someone has to pay for it, even if it doesn't happen. So, a good security view will ask, what's the value for money here?
The end-user or the Mozilla foundation. the one paying for the audit of the CA certs. The CA is paying for the audit.
The end-user may be subject to more scam/fraud by doing SSK transactions with certs issued by unaudited CAs. The value of trusting only auditing CAs to me is clear, reduce this type of risk.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
